diff --git a/.github/workflows/code-analysis-built-module.yml b/.github/workflows/code-analysis-built-module.yml
index 5a584ccae..ca0d8a567 100644
--- a/.github/workflows/code-analysis-built-module.yml
+++ b/.github/workflows/code-analysis-built-module.yml
@@ -62,6 +62,6 @@ jobs:
 
           Write-Information -MessageData 'Analyzing done.' -InformationAction 'Continue'
       - name: Upload SARIF results
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/code-analysis.yml b/.github/workflows/code-analysis.yml
index 8e5cbe14e..1cab501da 100644
--- a/.github/workflows/code-analysis.yml
+++ b/.github/workflows/code-analysis.yml
@@ -72,6 +72,6 @@ jobs:
 
           Write-Information -MessageData 'Analyzing done.' -InformationAction 'Continue'
       - name: Upload SARIF results
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: results.sarif
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7dc985415..c346228c2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -25,6 +25,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - SqlServerDsc
   - Bump PSResourceGet to v1.0.0 (used when resolving dependencies).
   - Update markdown highlights with newly supported keywords.
+  - Bump GitHub Action _CodeQL-Action_ to v3.
 
 ## [16.5.0] - 2023-10-05